package com.bizihang.security.browser.config;

import com.bizihang.security.core.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
import com.bizihang.security.core.properties.SecurityConstants;
import com.bizihang.security.core.properties.SecurityProperties;
import com.bizihang.security.core.validate.code.ValidateCodeFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

import javax.sql.DataSource;


/**
 * @author 毕子航 951755883@qq.com
 * @date 2018/08/15
 */
@Configuration
public class BrowsersSecurityConfig extends WebSecurityConfigurerAdapter {
	public static final String CODE_IMAGE_URL = "/code/*";

	@Autowired
	SecurityProperties securityProperties;
	@Autowired
	BrowserAuthenticationSuccessHandler successHandler;
	@Autowired
	BrowserAuthenticationFailureHandler failureHandler;
	@Autowired
	DataSource dataSource;
	@Autowired
	UserDetailsService userDetailsService;

	@Autowired
	ValidateCodeFilter validateCodeFilter;

	@Autowired
	SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;

	/**
	 * token存放位置
	 *
	 * @return
	 */
	@Bean
	public PersistentTokenRepository persistentTokenRepository() {
		JdbcTokenRepositoryImpl repository = new JdbcTokenRepositoryImpl();
		repository.setDataSource(dataSource);
//		repository.setCreateTableOnStartup(true);
		return repository;
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {


		String loginPage = securityProperties.getBrowser().getLoginPage();

		http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)
				.formLogin()
				.loginPage(SecurityConstants.UNAUTHORIZED_REDIRECT_URL)
				.loginProcessingUrl(securityProperties.getBrowser().getLoginProcessingUrl())
				.successHandler(successHandler)
				.failureHandler(failureHandler)
				.and()
				.rememberMe()
				.tokenRepository(persistentTokenRepository())
				.tokenValiditySeconds(securityProperties.getBrowser().getRememberMeSeconds())
				.userDetailsService(userDetailsService)
				.and()
				.authorizeRequests()
				.antMatchers("/authentication/mobile", SecurityConstants.UNAUTHORIZED_REDIRECT_URL, CODE_IMAGE_URL, securityProperties.getBrowser().getLoginProcessingUrl(), loginPage).permitAll()
				.anyRequest()
				.authenticated()
				.and()
				.csrf().disable()
				.apply(smsCodeAuthenticationSecurityConfig);
	}

	@Bean
	PasswordEncoder passwordEncoder() {
		return new BCryptPasswordEncoder();
	}
}
